IN THE CLAIMS

Please amend the claims to read as provided below. 

1. (Currently Amended) A system that provides for remote password
authentication, comprising:

a client; 

a plurality of authentication servers;

a network interconnecting the client and the plurality of authentication servers; 

and 

a memory, coupled to the client, the memory maintaining instructions that when
executed by the client, cause the client to receive a password, transmit a unique random
value y_i to each of the servers, derive a group element (P) from the password, send a
blinded password value (P^x) to the servers, receive blinded key shares (P^(xy_i)) from the
servers, unblind and combine the blinded key shares to create a master key (K_m),
and decrypt encrypted private data using the master key (K_m).

2. (Previously Presented) The system recited in Claim 1 wherein the instructions 
further cause the client to validate the master key (K_m).

3. (Currently Amended) The system recited in Claim 1 2 wherein the instructions 
further cause the client to decrypt encrypted private data using the validated master key
(K_m).

4. CANCEL 

5. (Previously Presented) The system recited in Claim 2 wherein the instructions 
further cause the client to send proof of the validated master key (K_m) and each blinded
password value (P^x) to the servers.

6. (Currently Amended) A method that provides for remote password 
authentication using a system including a client, a plurality of authentication servers, and
a network interconnecting the client and the plurality of authentication servers, the
method comprising the steps of: 
receiving a password; 

deriving group elements (P) from the password; 
sending a blinded password value (P^x) to the servers;
receiving blinded key shares (P^(xy_i)) from the servers;

unblinding and combining the blinded key shares to create a master key (K_m); and
decrypting encrypted private data using the master key (K_m).

7. (Original) The method recited in Claim 6 further comprising the step of 
validating the master key (K_m).

8. CANCEL 

9. (Original) The method recited in Claim 7 further comprising the step of 
decrypting encrypted private data using the validated master key (K_m).

10. (Original) The method recited in Claim 7 further comprising the step of 
sending proof of the validated master key (K_m) and each blinded password value (P^x) to
the servers. 

11. (Previously Presented) A computer program embodied on a computer-
readable medium for enabling remote password authentication in a multiple-server
system including a client, a plurality of authentication servers, and a network
interconnecting the client and the plurality of authentication servers, the computer
program comprising:

a code segment that enters a password;

a data storage area that contains a unique random value y_i on each of the servers;
a code segment that derives a group element (P) from the password;
a code segment that sends blinded password value (P^x) to the servers;
a code segment that provided for receiving blinded key shares (P^(xy_i)) from the
servers; 

a code segment that unblinds and combines the shares to create a master key
(K_m); and

a code segment that decrypts encrypted private data on the client computer using 
the master key (K_m).
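
The client-side exchange recited in Claims 1, 6 and 11, as an added example that is not part of the filing. The group (the RFC 2409 768-bit safe prime, demo-sized), the hash-and-square derivation of P, the SHA-256 combiner, the server-side subgroup check and the in-process servers are all assumptions, since the claims fix none of them.

```python
import hashlib
import secrets

# Assumed group (not from the claims): RFC 2409 768-bit safe prime p = 2q + 1.
# Demo-sized only; the claims do not name a group.
P_MOD = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF", 16)
Q_ORD = (P_MOD - 1) // 2  # prime order of the subgroup of squares

def derive_group_element(password):
    """P: hash the password, then square it into the order-q subgroup (assumed method)."""
    h = int.from_bytes(hashlib.shake_256(password.encode()).digest(128), "big")
    return pow(h % P_MOD, 2, P_MOD)

def blind(P):
    """Client: pick a fresh random x and return (x, P^x)."""
    x = secrets.randbelow(Q_ORD - 1) + 1
    return x, pow(P, x, P_MOD)

def server_share(blinded, y_i):
    """Server i: return P^(x*y_i); reject values outside the order-q subgroup."""
    if not 1 < blinded < P_MOD - 1 or pow(blinded, Q_ORD, P_MOD) != 1:
        raise ValueError("blinded value is not a valid group element")
    return pow(blinded, y_i, P_MOD)

def unblind_and_combine(x, shares):
    """Client: remove x from each share (leaving P^y_i), hash the results into K_m."""
    x_inv = pow(x, -1, Q_ORD)
    h = hashlib.sha256()
    for share in shares:
        h.update(pow(share, x_inv, P_MOD).to_bytes(96, "big"))
    return h.digest()

def login(password, server_secrets):
    """One protocol run against in-process stand-ins for the servers."""
    x, blinded = blind(derive_group_element(password))
    return unblind_and_combine(x, [server_share(blinded, y) for y in server_secrets])

# Constructed per-server secrets y_i; a real y_i never leaves its server.
SERVER_SECRETS = [secrets.randbelow(Q_ORD - 1) + 1 for _ in range(3)]

if __name__ == "__main__":
    k1, k2 = login("correct horse", SERVER_SECRETS), login("correct horse", SERVER_SECRETS)
    print(k1 == k2, login("wrong guess", SERVER_SECRETS) == k1)
```

Each run uses a fresh x, so the servers see a different blinded value every time while the client still arrives at the same K_m.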

12. (Original) The computer program recited in Claim 11 further comprising a
code segment that validates the master key (K_m).

13. CANCEL 

14. (Original) The computer program recited in Claim 12 further comprising a
code segment that decrypts encrypted private data using the validated master key (K_m).

15. (Original) The computer program recited in Claim 12 further comprising a
code segment that sends proof of the validated master key (K_m) and the blinded password
value (P^x) to the servers.

16. (Previously Presented) The system recited in Claim 1 wherein the
authentication servers include a memory for maintaining instructions which, when
executed by the authentication servers, cause the authentication servers to:

maintain a count of bad login attempts, the number of recent amplifications, a list
of recent P^x password amplification request values, and a list of timestamps associated
with the list of recent password amplification request values on the server;

receives a blinded password (P^x) request
records the blinded password in a short-term list
checks a user account to see if it is locked; 

creates a blinded key share (P^(xy_i)) in response to the blinded password request; and
sends the blinded key share to the client if it is unlocked.

17. (Previously Presented) The system recited in Claim 16 wherein the 
instructions further cause the authentication servers to:

records a timestamp value to note the time that the request was received;

periodically checks for stale requests which are determined when the difference 
between any timestamp value and the current time becomes greater than a specific period
of time; 

deletes corresponding password amplification request values and timestamps; and
increments the count of bad attempts.

18. (Previously Presented) The system recited in Claim 16 wherein, when a
successful login occurs, the instructions further cause the authentication servers to: 

sends a value of Q_A equal to the password raised to a random power, along with
any prior values for Q_A from earlier runs in the same login session, to each server in an
encrypted message; and 

authenticate the encrypted message using the master key K_m.

19. (Previously Presented) The method recited in Claim 6 further comprising the 
steps of: 
maintaining a count of bad login attempts, the number of recent amplifications, a
list of recent P^x password amplification request values, and a list of timestamps
associated with the list of recent password amplification request values on the server;

receiving a blinded password (P^x) request
recording the blinded password in a short-term list 
checking a user account to see if it is locked; 

creating a blinded key share (P^(xy_i)) in response to the blinded password request;

and 

sending the blinded key share to the client if it is unlocked.

20. (Previously Presented) The method recited in Claim 19 further comprising the 
steps of: 

recording a timestamp value to note the time that the request was received;
periodically checking for stale requests which are determined when the difference
between any timestamp value and the current time becomes greater than a specific period
of time;

checking corresponding password amplification request values and timestamps; 

and 

incrementing the count of bad attempts. 

21. (Previously Presented) The method recited in Claim 19 further comprising the
steps of:

sending the value of Q_A, equal to the password raised to a random power, along
with any prior values for Q_A from earlier runs in the same login session, to each server in
an encrypted message; and 

authenticating the encrypted message using the master key K_m.

22. (Previously Presented) The computer program recited in Claim 11 further
comprising a code segment that: 
maintains a count of bad login attempts, the number of recent amplifications, a list
of recent P^x password amplification request values, and a list of timestamps associated
with the list of recent password amplification request values on the server;

receives a blinded password (P^x) request

records the blinded password in a short-term suspect list

checks a user account to see if such account is locked; 

creates a blinded key share (P^(xy_i)) if the user account is unlocked; and
sends the blinded key share to the client.

23. (Original) The computer program recited in Claim 22 further comprising a
code segment that:

records a timestamp value to note the time that the request was received;

periodically checks for stale requests which are determined when the difference
between any timestamp value and the current time becomes greater than a specific period
of time; 

deletes corresponding password amplification request values and timestamps; and 
increments the count of bad attempts. 
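
The server-side bookkeeping recited in Claims 16-17, 19-20 and 22-23, as an added example that is not part of the filing. The 30-second staleness window, the lockout threshold of five, the Account class and the confirm() step (clearing requests named in a verified proof of K_m, per Claims 5, 10 and 15) are assumptions; the claims give no values or data structures.

```python
from dataclasses import dataclass, field

STALE_AFTER = 30.0  # assumed "specific period of time", in seconds
LOCK_AFTER = 5      # assumed bad-attempt threshold; the claims only say "locked"


@dataclass
class Account:
    y_i: int       # this server's secret exponent for the user
    modulus: int   # group modulus shared with the client
    bad_attempts: int = 0
    pending: dict = field(default_factory=dict)  # blinded P^x -> time received

    def locked(self):
        return self.bad_attempts >= LOCK_AFTER

    def handle_request(self, blinded, now):
        """Record the request, then answer with P^(x*y_i) only if unlocked."""
        self.expire_stale(now)
        self.pending[blinded] = now  # short-term list entry with its timestamp
        if self.locked():
            return None
        return pow(blinded, self.y_i, self.modulus)

    def expire_stale(self, now):
        """Delete requests older than STALE_AFTER; each counts as a bad attempt."""
        stale = [b for b, t in self.pending.items() if now - t > STALE_AFTER]
        for b in stale:
            del self.pending[b]
            self.bad_attempts += 1
        return len(stale)

    def confirm(self, blinded_values):
        """Assumed step: a verified proof of K_m clears the requests it names."""
        for b in blinded_values:
            self.pending.pop(b, None)
```

A request that is never followed by a valid proof ages out and is charged to the account, which is what bounds online guessing per server.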

24. (Original) The computer program recited in Claim 22 further comprising a 
code segment that:

sends the value of Q_A, equal to the password raised to a random power, along with
any prior values for Q_A from earlier runs in the same login session, to each server in an
encrypted message; and 

authenticates this message using the master key K_m.